我有一个带有fosuser的功能登录。
现在,我正在尝试将任何 CATTCHA 添加到由 fosuser 生成的登录中,我正在使用Symfony 3.4.4
我已经研究了一些链接:
-
与本教程一起recaptcha,但我不知道如何覆盖支票登录以添加验证。
-
ewzrecaptchabundle我没有找到任何fosuser
的样品 - BotDetect或Captchabundle似乎需要大量内存才能生成验证码。那不是我的选择,因为我的产品环境是共享托管
欢迎任何帮助或建议
问候
最后,我使用帖子中的选项1解决了我的问题,并将扩展为 /src/UserBundle/Controller/SecurityController.php并更改LoginAction
<?php
public function loginAction(Request $request){
$error = Security::AUTHENTICATION_ERROR;
$lastUsername = '';
$isValid=false;
$hasCaptcha=false;
if ($_POST) {
$lastUsername = $_POST['_username'];
$password_plain = $_POST['_password'];
$em = $this->getDoctrine()->getManager();
$userManager = $this->get('fos_user.user_manager');
$user =$userManager ->findUserByUsernameOrEmail($lastUsername);
if ($this->captchaverify($request->get('g-recaptcha-response'))) {
$hasCaptcha=true;
} else {
$error="Captcha is not Valid";
}
if($hasCaptcha){
if($user){
$factory = $this->container->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
if($encoder->isPasswordValid($user->getPassword(),$password_plain,$user->getSalt())){
$token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
$this->get('security.token_storage')->setToken($token);
return $this->redirectToRoute('homepage');
} else {
$error="password is not Valid";
}
}else{
$error="user is not Valid";
}
}
}
return $this->renderLogin(array(
'last_username' => $lastUsername,
'error' => $error,
));
}
function captchaverify($recaptcha){
$url = "https://www.google.com/recaptcha/api/siteverify";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
"secret"=>"xxxxxxxx","response"=>$recaptcha));
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response);
return $data->success;
}
- 还需要使用value'new_login'的'login_path'和" check_path"更改
security.yml,这是登录操作的新途径
firewalls:
dev:
pattern: ^/(_(profiler|wdt|error)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
default_target_path: homepage
csrf_token_generator: security.csrf.token_manager
login_path: new_login
check_path: new_login
- 在我看来,我添加了:
<script src='https://www.google.com/recaptcha/api.js?hl=es'></script>
- 表格内:
<div class="g-recaptcha" data-sitekey="xxxxxx"></div>
希望在同一困境中帮助任何人